Tuesday, May 28, 2013

Using two-factor authentication on Localbitcoins.com

We've recently updated LocalBitcoins.com login process. While it's simplified and more clear, the previously omnipresent two-factor authentication code was obscured. But two factor authentication is still there, and stronger than ever!

Why two-factor authentication?

Security! Normal logins are simply something you know: you know your username and password. Two factor login adds a new vector, such as something physical you have. This physical token could be a smart card, a dongle or a phone: all it needs to do is provide a way to prove its existence as needed. The simplest way is to generate a series of numbers based on a shared secret and the current time: any series of numbers is only valid for a short time, making it useless afterward.

How to use two-factor authentication?

Our two factor authentication process is based on Google Authenticator mobile application. It requires a smartphone (Android / iPhone) .

Once you have Google Authenticator installed, just point your browser to your profile edit page on LocalBitcoins.com (click your username after log in) and scroll down to the two factor authentication title. Open the Authenticator application on your mobile phone, choose Set Up New Account and scan the QR barcode code from your account page. Write down the secret key below the QR code and store safely, preferably separate from your main computer. The secret key can be installed on a new smartphone later, allowing you to continue logging in to LocalBitcoins.com.

That's all. Try it out by logging out and back in. After you enter your login details, you will be prompted for the Authenticator code at the moment. With the authenticator app punch in the code displayed.

1 comment:

I am convinced with the reasons you have listed in favor of using this scheme for securing data and information. You have pointed some really strong reasons to justify that its the best option.electronic signature software